Skip to content

azl4: build target and test image definitions #697

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
bfjelds wants to merge 14 commits into
base: user/bfjelds/azl4-1-runtime
Choose a base branch
from
Draft

azl4: build target and test image definitions #697

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
490d136
azl4: build target and test image definitions
bfjelds Jun 24, 2026
9f4e3a3
images: enable netplan-configure.service and tridentd in grub-azl4 te…
bfjelds Jun 26, 2026
175cdc7
images: address PR review feedback on builder and testimage scripts
bfjelds Jun 26, 2026
9e50bd5
make: note COSI vs baremetal-image ambiguity on .cosi targets
bfjelds Jun 26, 2026
8559e3d
images: remove unused config_file field; improve show-image docs
bfjelds Jun 26, 2026
2aa98c7
trident, not tridentd
bfjelds Jun 26, 2026
5c889ff
outout_and_config is ultimate truth of output type
bfjelds Jun 27, 2026
1c1818b
images: fix type hints and stale RPM comments
bfjelds Jun 27, 2026
adcce34
images: address review feedback on output-type logging
bfjelds Jun 27, 2026
dd39bf9
images: fail fast on unsupported --output-type
bfjelds Jun 27, 2026
b1fc268
images: tidy type annotations and unused import
bfjelds Jun 27, 2026
02fb36b
images: capitalize --output-type help text sentence
bfjelds Jun 27, 2026
5d01a5f
images: exact-match baremetal-image/vhd-fixed before ext fallback
bfjelds Jun 27, 2026
18c4449
images: only warn about ambiguous output type when alternative declared
bfjelds Jun 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions .pipelines/templates/stages/trident_images/trident-testimg-template.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,21 @@ steps:
cp $(Build.ArtifactStagingDirectory)/ssh/id_rsa* ${{ parameters.tridentSourceDirectory }}/artifacts/
displayName: Copy SSH Keys

# Stage the SSH public key into the test image tree so the builder bakes it
# into the image. The Makefile previously did this via the files/id_rsa.pub
# prerequisite; those explicit image targets were removed, so the pipeline
# now stages the key before building. Superseded by the shared
# prepare-testimage-requirements template.
- ${{ if eq(parameters.useStagedSshKeys, true) }}:
- bash: |
set -eux

SRC="${{ parameters.tridentSourceDirectory }}/artifacts/id_rsa.pub"
DEST="${{ parameters.tridentSourceDirectory }}/tests/images/trident-vm-testimage/base/files"
mkdir -p "$DEST"
cp "$SRC" "$DEST/"
displayName: Stage SSH public key into testimage tree

- script: |
echo "##[warning]THE PIPELINE TEMPLATE trident-testimg-template.yaml IS DEPRECATED. PLEASE SWITCH TO USING testimages.py TO BUILD TEST IMAGES."
cat /etc/os-release
Expand Down
175 changes: 3 additions & 172 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -943,40 +943,20 @@ validate-pipeline-website-artifact:
npm install && \
npm run serve -- --port $(SERVER_PORT)

#
# Generic COSI image build target pattern
#
COSI_TARGETS = $(shell ./tests/images/testimages.py list --filter-type cosi)

.PHONY: $(COSI_TARGETS)
$(COSI_TARGETS): %: artifacts/%.cosi

.PHONY: all-cosi
all-cosi: $(COSI_TARGETS)

#
# Generic ISO image build target pattern
#
ISO_TARGETS = $(shell ./tests/images/testimages.py list --filter-type iso)

.PHONY: $(ISO_TARGETS)
$(ISO_TARGETS): %: artifacts/%.iso

.PHONY: all-iso
all-iso: $(ISO_TARGETS)

# Fun trick to use the stem of the target (%) as a variable ($*) in the
# prerequisites so that we can use find to get all the files in the directory.
# https://www.gnu.org/software/make/manual/make.html#Secondary-Expansion
.SECONDEXPANSION:
artifacts/%.cosi artifacts/%.iso artifacts/%.vhdx: $$(shell ./tests/images/testimages.py dependencies $$*)
artifacts/%.cosi artifacts/%.iso artifacts/%.vhdx artifacts/%.vhd artifacts/%.qcow2: $$(shell ./tests/images/testimages.py dependencies $$*)
@echo "Building '$*' [$@] from $<"
@echo "Extension is: $(subst .,,$(suffix $@))"
@echo "Prerequisites:"
@echo "$^" | tr ' ' '\n' | sed 's/^/ /'
@echo "Building image..."
sudo ./tests/images/testimages.py build \
$* \
--output-dir ./artifacts \
--output-type $(subst .,,$(suffix $@)) \
Comment thread
bfjelds marked this conversation as resolved.
$(if $(strip $(MIC_CONTAINER_IMAGE)),--container $(MIC_CONTAINER_IMAGE)) \
$(if $(strip $(MIC_ARCHITECTURE)),--image-architecture $(MIC_ARCHITECTURE))

Expand Down Expand Up @@ -1046,155 +1026,6 @@ $(MINIMAL_IMAGE_AARCH64):
@mkdir -p artifacts
@tests/images/testimages.py download-image minimal_aarch64

artifacts/trident-vm-grub-testimage.qcow2: \
$(QEMU_GUEST_IMAGE) \
$(TRIDENT_VM_DEPENDENCIES) \
$(VM_IMAGE_PATH_PREFIX)/baseimg-grub.yaml \
$(VM_IMAGE_PATH_PREFIX)/files/id_rsa.pub \
artifacts/rpm-overrides
@echo "Building $@ from $<"
docker run --rm \
--privileged \
-v ".:/repo:z" \
-v "/dev:/dev" \
${MIC_CONTAINER_IMAGE} \
--log-level debug \
--rpm-source /repo/bin/RPMS \
--rpm-source /repo/artifacts/rpm-overrides \
--build-dir /build \
--image-file /repo/$< \
--output-image-file /repo/$@ \
--output-image-format qcow2 \
--config-file /repo/$(VM_IMAGE_PATH_PREFIX)/baseimg-grub.yaml

artifacts/trident-vm-grub-testimage-arm64.qcow2: \
base/core_arm64.vhdx \
$(TRIDENT_VM_DEPENDENCIES) \
$(VM_IMAGE_PATH_PREFIX)/baseimg-grub.yaml \
$(VM_IMAGE_PATH_PREFIX)/files/id_rsa.pub
@echo "Building $@ from $<"
docker run --rm \
--privileged \
-v ".:/repo:z" \
-v "/dev:/dev" \
${MIC_CONTAINER_IMAGE} \
--log-level debug \
--rpm-source /repo/bin/RPMS \
--build-dir /build \
--image-file /repo/$< \
--output-image-file /repo/$@ \
--output-image-format qcow2 \
--config-file /repo/$(VM_IMAGE_PATH_PREFIX)/baseimg-grub-verity.yaml

artifacts/trident-vm-grub-verity-testimage.qcow2: \
$(QEMU_GUEST_IMAGE) \
$(TRIDENT_VM_DEPENDENCIES) \
$(VM_IMAGE_PATH_PREFIX)/baseimg-grub-verity.yaml \
$(VM_IMAGE_PATH_PREFIX)/files/etc-mount.service \
$(VM_IMAGE_PATH_PREFIX)/files/etc-mount.sh \
$(VM_IMAGE_PATH_PREFIX)/files/id_rsa.pub \
artifacts/rpm-overrides
@echo "Building $@ from $<"
docker run --rm \
--privileged \
-v ".:/repo:z" \
-v "/dev:/dev" \
${MIC_CONTAINER_IMAGE} \
--log-level debug \
--rpm-source /repo/bin/RPMS \
--rpm-source /repo/artifacts/rpm-overrides \
--build-dir /build \
--image-file /repo/$< \
--output-image-file /repo/$@ \
--output-image-format qcow2 \
--config-file /repo/$(VM_IMAGE_PATH_PREFIX)/baseimg-grub-verity.yaml

artifacts/trident-vm-root-verity-testimage.qcow2: \
$(QEMU_GUEST_IMAGE) \
$(TRIDENT_VM_DEPENDENCIES) \
$(VM_IMAGE_PATH_PREFIX)/baseimg-root-verity.yaml \
$(VM_IMAGE_PATH_PREFIX)/files/id_rsa.pub \
artifacts/rpm-overrides
@echo "Building $@ from $<"
docker run --rm \
--privileged \
-v ".:/repo:z" \
-v "/dev:/dev" \
${MIC_CONTAINER_IMAGE} \
--log-level debug \
--rpm-source /repo/bin/RPMS \
--rpm-source /repo/artifacts/rpm-overrides \
--build-dir /build \
--image-file /repo/$< \
--output-image-file /repo/$@ \
--output-image-format qcow2 \
--config-file /repo/$(VM_IMAGE_PATH_PREFIX)/baseimg-root-verity.yaml

artifacts/trident-vm-verity-testimage-arm64.qcow2: \
base/core_arm64.vhdx \
$(TRIDENT_VM_DEPENDENCIES) \
$(VM_IMAGE_PATH_PREFIX)/baseimg-verity.yaml \
$(VM_IMAGE_PATH_PREFIX)/files/etc-mount.service \
$(VM_IMAGE_PATH_PREFIX)/files/etc-mount.sh \
$(VM_IMAGE_PATH_PREFIX)/files/id_rsa.pub
@echo "Building $@ from $<"
docker run --rm \
--privileged \
-v ".:/repo:z" \
-v "/dev:/dev" \
${MIC_CONTAINER_IMAGE} \
--log-level debug \
--rpm-source /repo/bin/RPMS \
--build-dir /build \
--image-file /repo/$< \
--output-image-file /repo/$@ \
--output-image-format qcow2 \
--config-file /repo/$(VM_IMAGE_PATH_PREFIX)/baseimg-verity.yaml

artifacts/trident-vm-usr-verity-testimage.qcow2: \
$(QEMU_GUEST_IMAGE) \
$(TRIDENT_VM_DEPENDENCIES) \
$(VM_IMAGE_PATH_PREFIX)/baseimg-usr-verity.yaml \
$(VM_IMAGE_PATH_PREFIX)/files/id_rsa.pub \
artifacts/rpm-overrides
@echo "Building $@ from $<"
docker run --rm \
--privileged \
-v ".:/repo:z" \
-v "/dev:/dev" \
${MIC_CONTAINER_IMAGE} \
--log-level debug \
--rpm-source /repo/bin/RPMS \
--rpm-source /repo/artifacts/rpm-overrides \
--build-dir /build \
--image-file /repo/$< \
--output-image-file /repo/$@ \
--output-image-format qcow2 \
--config-file /repo/$(VM_IMAGE_PATH_PREFIX)/baseimg-usr-verity.yaml

artifacts/trident-vm-grub-verity-azure-testimage.vhd: \
$(CORE_SELINUX_IMAGE) \
$(TRIDENT_VM_DEPENDENCIES) \
$(VM_IMAGE_PATH_PREFIX)/baseimg-grub-verity-azure.yaml \
$(VM_IMAGE_PATH_PREFIX)/files/etc-mount.service \
$(VM_IMAGE_PATH_PREFIX)/files/etc-mount.sh \
$(VM_IMAGE_PATH_PREFIX)/files/id_rsa.pub \
artifacts/rpm-overrides
@echo "Building $@ from $<"
docker run --rm \
--privileged \
-v ".:/repo:z" \
-v "/dev:/dev" \
${MIC_CONTAINER_IMAGE} \
--log-level debug \
--rpm-source /repo/bin/RPMS \
--rpm-source /repo/artifacts/rpm-overrides \
--build-dir /build \
--image-file /repo/$< \
--output-image-file /repo/$@ \
--output-image-format vhd-fixed \
--config-file /repo/$(VM_IMAGE_PATH_PREFIX)/baseimg-grub-verity-azure.yaml

.PHONY: imagecustomizer-dev-amd64
imagecustomizer-dev-amd64:
make -C ../azure-linux-image-tools/toolkit go-imagecustomizer
Expand Down
Loading